The report comes from Bloomberg (via AppleInsider) where Amazon had apparently discovered the additional hardware in startup Elemental Technologies, who they were apparently keen on acquiring several years ago. During their discovery, they discovered a microchip about the size of a grain of rice that was not part of the original design, and which would have apparently allowed attackers to access a “stealth doorway onto any network”.
Bloomberg claims that Apple was informed of the chips and reported it to the FBI, but kept the details of what they found quiet, and eventually removed all servers from its data centers that were affected by it. Apple has since refuted Bloomberg’s report and released a statement of their own.
According to Apple, “Apple is deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.”
AppleInsider’s sources have also “confirmed” that Bloomberg’s report was incorrect, and that allegation of an attack was “really, really wrong.”